www.facebook.securemember.duckdns.org Open in urlscan Pro
143.198.133.222  Malicious Activity! Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.facebook.securemember.duckdns.org/	71 KB 71 KB	859ms 152ms	Document text/html	143.198.133.222 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.facebook.securemember.duckdns.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.198.133.222 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash 1f0b9335219ed6473f7eb9a135045703fda954c1d244dd6bda4141f43779c301 Request headers Host www.facebook.securemember.duckdns.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Thu, 30 Sep 2021 00:53:12 GMT Server Apache Last-Modified Thu, 30 Sep 2021 00:51:23 GMT Accept-Ranges bytes Content-Length 72511 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H2	200	image.jpg picky-bunch.000webhostapp.com/	164 KB 164 KB	475ms 134ms	Image image/jpeg	145.14.145.17 AWEX
General Check archive.org Show headers Download Go to Show image Full URL https://picky-bunch.000webhostapp.com/image.jpg Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 145.14.145.17 , Netherlands, ASN204915 (AWEX, CY), Reverse DNS Software awex / Resource Hash 0a5beaf1c66774a5d77d5ed5b12b536b5de91183dd4ac62c65d8982180656ee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.facebook.securemember.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 00:53:12 GMT x-content-type-options nosniff last-modified Mon, 27 Sep 2021 14:51:36 GMT server awex content-type image/jpeg accept-ranges bytes content-length 167665 x-xss-protection 1; mode=block x-request-id c9167205836e2546a2b93a569710a5b8
GET H2	200	dPuVZfthc_F.css z-m-static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/	14 KB 3 KB	790ms 700ms	Stylesheet text/css	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/dPuVZfthc_F.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash b95874a48653600e17cefda99ffc473321de4d3240d13f4237c728cbb250eb11 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.securemember.duckdns.org/ Origin https://www.facebook.securemember.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 00:53:13 GMT content-encoding br x-content-type-options nosniff content-md5 XuvmcCf+CDoBOhhmQceAfA== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 3084 x-fb-rlafr 0 x-fb-debug tfxB6f7R89LApyAjl+sT2m3UUlh3Jho8fEOtXvPIXF2WN1N5qE5BqZf0BDJB514TOifOiH2cqFnOEvafXt4Sbw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Fri, 30 Sep 2022 00:53:13 GMT
GET H2	200	0hKFfqbQuO3.css z-m-static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/	14 KB 3 KB	510ms 421ms	Stylesheet text/css	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/0hKFfqbQuO3.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash c033cdbf3419958b383562fec10452473089fc9b467cbb3dd7f70217ddc4cbb6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.securemember.duckdns.org/ Origin https://www.facebook.securemember.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 00:53:12 GMT content-encoding br x-content-type-options nosniff content-md5 tqbii9UsV7DDgp2GOwm3GQ== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 3208 x-fb-rlafr 0 x-fb-debug iNI+y+NQFlaTM7am4qkul3yN13Dba8/BS1ln8EDsXv9yi3JWZxocrreB40RybbRCfV7/kbLjoTHdKZghsa0V5w== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 30 Sep 2022 00:53:12 GMT
GET H2	200	36UIRLn-dyc.css z-m-static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/	92 KB 21 KB	829ms 740ms	Stylesheet text/css	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/36UIRLn-dyc.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash 4da766f2a1a4892f6f686ab1c596000f8c00d937625d6309ddb1ef91f5a3023b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.securemember.duckdns.org/ Origin https://www.facebook.securemember.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 00:53:13 GMT content-encoding br x-content-type-options nosniff content-md5 uqcbdCKcbwdnE6nsWw7WHw== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 20933 x-fb-rlafr 0 x-fb-debug uL2Z62xvVQyTOqFz19uD1uUyV/aTGppeN82rmuKK9iiEx9PVmHUlPSm04wFjixk+aL8WPDMzvTzaIhDDbD//FA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Fri, 30 Sep 2022 00:53:13 GMT
GET H2	200	rSVTdwHO_nA.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/yw/r/	242 KB 66 KB	96ms 7ms	Script application/x-javascript	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yw/r/rSVTdwHO_nA.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash 59d761d9c1c36a13415b345af125bc09d0218a856ee9a84474d59af527598477 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.securemember.duckdns.org/ Origin https://www.facebook.securemember.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 00:53:12 GMT content-encoding br x-content-type-options nosniff content-md5 lG6GfzrLOrq3luy6nRak4Q== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 67005 x-fb-rlafr 0 x-fb-debug aWNizQUCUCantLodEGpRdNxYP8nmIV4ojelV+prFLQ7/qutKcs/lH9lgYsaJoFCS/xkVZBlPINbiDbDrGkEQ6g== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 16 Sep 2022 09:29:24 GMT
GET H3	200	dF5SId3UHWd.svg z-m-static.xx.fbcdn.net/rsrc.php/y8/r/	2 KB 1 KB	26ms 8ms	Image image/svg+xml	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash 9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce Security Headers Name Value Content-Security-Policy default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.facebook.securemember.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding br x-content-type-options nosniff content-md5 NiMA5zHIsmaYxSYEaw9fHg== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1027 x-xss-protection 0 x-fb-debug dFDQyTNmiXvBnGFF8MQxb45mcvb9KIopmpzTpNDGe/vGBvwwfzTUSp8hbjB5gdSQVkaCdhIZJf+SIVD0ZZhi6Q== last-modified Mon, 01 Jan 2001 08:00:00 GMT date Thu, 30 Sep 2021 00:53:12 GMT vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public,max-age=31536000,immutable x-fb-rlafr 0 timing-allow-origin * priority u=3,i expires Tue, 27 Sep 2022 10:30:23 GMT
GET H2	200	hsts-pixel.gif facebook.com/security/	43 B 2 KB	67ms 29ms	Image image/gif	157.240.236.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://facebook.com/security/hsts-pixel.gif Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-frx5.facebook.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.facebook.securemember.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding br x-content-type-options nosniff content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma no-cache x-fb-debug 8Wx1kCLYm/1UzkFTNF7paZl6/YoIoQweZiPcAKj46l7e5seH+/a/QHXTHh1olMAF/ldui/4owp7VBYH9ki7glQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" expires Sat, 01 Jan 2000 00:00:00 GMT cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 30 Sep 2021 00:53:12 GMT strict-transport-security max-age=15552000; includeSubDomains access-control-allow-methods OPTIONS content-type image/gif access-control-allow-origin * vary Origin, Accept-Encoding cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true x-fb-rlafr 0 access-control-expose-headers X-FB-Debug, X-Loader-Length
GET H2	200	1CaV_wtZZWO.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3i7QV4/yx/l/en_GB/	297 KB 82 KB	86ms 85ms	Script application/x-javascript	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3i7QV4/yx/l/en_GB/1CaV_wtZZWO.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash 0b799dd07622cda23b47413db13843187aaa23a50146f58ed54215287b61ea84 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.securemember.duckdns.org/ Origin https://www.facebook.securemember.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 00:53:12 GMT content-encoding br x-content-type-options nosniff content-md5 NtHL+Mn8UcxvJTyHS0ftSA== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 83689 x-fb-rlafr 0 x-fb-debug tISUOuNA+UOw14FydOUKJVyMCb4y/hIyGnFdd2vlgzo6dr8u70btmdzuXlu4O3JDrHSKMgg2x547ejCOJUuuBQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Fri, 30 Sep 2022 00:53:12 GMT
GET H2	200	MS-0Hi9rB6L.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/y3/r/	43 KB 13 KB	15ms 14ms	Script application/x-javascript	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/y3/r/MS-0Hi9rB6L.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash 7d91d61f8ab2b95ac802ea3ac55343ce79f57bf4115b4432c611efddbf70beb3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.securemember.duckdns.org/ Origin https://www.facebook.securemember.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 00:53:12 GMT content-encoding br x-content-type-options nosniff content-md5 6gzYaFh8GItfMt1YD53zJQ== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 13495 x-fb-rlafr 0 x-fb-debug ynWJ2MPxyFvL9BDk+bHODscb0BOF7N//0X1EUZJhQPgRmDUOtxaHm69Q1cimR1OT4uRdhSg1/sgFbjrBf/kumw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 16 Sep 2022 08:08:06 GMT
GET H2	200	H_nr8Xw0RQW.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/ye/r/	37 KB 12 KB	15ms 14ms	Script application/x-javascript	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/ye/r/H_nr8Xw0RQW.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash 3b94630917f879fd1f4dfead7549b1baedb6e473473464bddcfe51547aa552a6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.securemember.duckdns.org/ Origin https://www.facebook.securemember.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 00:53:12 GMT content-encoding br x-content-type-options nosniff content-md5 qHNiZ+fbzP4Cki1PdZX+0w== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 11786 x-fb-rlafr 0 x-fb-debug k5BwEpmDiZnvO9mqnPuSPF4LS+DUMPXK+4V56Wgrf6BVLeSul+QqAHfKuejW+BfrYvON5blJh82Y3JXWLKZCRA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 16 Sep 2022 08:08:06 GMT
GET H2	200	_nF6lGGWX6G.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/yY/r/	37 KB 12 KB	15ms 14ms	Script application/x-javascript	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yY/r/_nF6lGGWX6G.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash d1af3a3ff4c8d07d96cb0702c01f7b50a5223bafb07115b597e6813df25524b6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.securemember.duckdns.org/ Origin https://www.facebook.securemember.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 00:53:12 GMT content-encoding br x-content-type-options nosniff content-md5 s211Y9YI3yQnE3W+DHkxDg== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 11791 x-fb-rlafr 0 x-fb-debug 7kLStyqr4O2+yGvbvaJEYKsMSr+yG6IW0jEdYpU5irF8jK9unVZOyrJu2lt8pUw7CX5NCY/+QlRH2BjysTlf2Q== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 16 Sep 2022 08:08:06 GMT
GET H2	200	XFDgmlkpDQR.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/ys/r/	379 B 429 B	13ms 12ms	Script application/x-javascript	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/ys/r/XFDgmlkpDQR.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.securemember.duckdns.org URL: https://www.facebook.securemember.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash f450bb48913a8f808ed1c0cecbedd2bb97a2d3caf68f27f57e0520d0022900c2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.securemember.duckdns.org/ Origin https://www.facebook.securemember.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 30 Sep 2021 00:53:12 GMT content-encoding br x-content-type-options nosniff content-md5 11DAYxeBLSVs9arkcadNYw== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 239 x-fb-rlafr 0 x-fb-debug xpzXjLzf1D5oKdbwD2ZEF/517G7Xg2fhYNzBMZmcI2h2DznWOAMcrTlOEnw1MPIhKM6l4maznEx6GQ+t9m1FIg== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 16 Sep 2022 08:08:06 GMT
GET H3	200	-bCVUBifCKe.png z-m-static.xx.fbcdn.net/rsrc.php/v3/yX/r/	28 KB 28 KB	8ms 7ms	Image image/png	157.240.236.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yX/r/-bCVUBifCKe.png Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/dPuVZfthc_F.css?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.236.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-z-m-mini-shv-02-frx5.facebook.com Software / Resource Hash ba67fcea6a78eae68677f911a6060b31a0541ca295e8fe74165addd948e068e9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/dPuVZfthc_F.css?_nc_x=Ij3Wp8lg5Kz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-fb-debug MNkFiaxOvlMSBsqmM78PhAMOnceYsl5mz2dyDR8HO8+RvGyctYpPTlwU1WkKxcCOM4JXdfOsuosZorp1T3Uimw== x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 nnCm377UgQjUqt2+SfCs4Q== date Thu, 30 Sep 2021 00:53:13 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable cross-origin-resource-policy cross-origin priority u=3,i timing-allow-origin * alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 28315 x-fb-rlafr 0 expires Sun, 18 Sep 2022 08:08:27 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| dis function| envFlush object| Env number| __DEV__ function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| CavalryLogger function| __updateOrientation object| TimeSlice number| __bigPipeFactory function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe object| MAjaxify

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.com
picky-bunch.000webhostapp.com
www.facebook.securemember.duckdns.org
z-m-static.xx.fbcdn.net
143.198.133.222
145.14.145.17
157.240.236.35
157.240.236.36
0a5beaf1c66774a5d77d5ed5b12b536b5de91183dd4ac62c65d8982180656ee1
0b799dd07622cda23b47413db13843187aaa23a50146f58ed54215287b61ea84
1f0b9335219ed6473f7eb9a135045703fda954c1d244dd6bda4141f43779c301
3b94630917f879fd1f4dfead7549b1baedb6e473473464bddcfe51547aa552a6
4da766f2a1a4892f6f686ab1c596000f8c00d937625d6309ddb1ef91f5a3023b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59d761d9c1c36a13415b345af125bc09d0218a856ee9a84474d59af527598477
7d91d61f8ab2b95ac802ea3ac55343ce79f57bf4115b4432c611efddbf70beb3
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
b95874a48653600e17cefda99ffc473321de4d3240d13f4237c728cbb250eb11
ba67fcea6a78eae68677f911a6060b31a0541ca295e8fe74165addd948e068e9
c033cdbf3419958b383562fec10452473089fc9b467cbb3dd7f70217ddc4cbb6
d1af3a3ff4c8d07d96cb0702c01f7b50a5223bafb07115b597e6813df25524b6
f450bb48913a8f808ed1c0cecbedd2bb97a2d3caf68f27f57e0520d0022900c2